License Sentinel/Documentation
v1.0
API Documentation

License Sentinel Licensing System

This documentation covers License Sentinel REST API services including license validation, endpoint details and production-ready API snippets.

All REST endpoints are accessible via https://api.licensesentinel.net

Authentication

All REST requests require the X-Api-Key header. Missing or invalid keys return 401 Unauthorized.

Required Request Headers
X-Api-Key: your_api_key_here
Content-Type: application/json

Base URL

REST BASE URL

https://api.licensesentinel.net

Validate License

Main endpoint. Validates PASETO claims and applies counter/time effects based on license type.

POST/api/licenses/validate
JSON
{
  "token": "v2.local.Abc123..."
}

Validate SEC License

Security-focused license type for JAR protection and policy enforcement.

POST/api/sec/validate
JSON
{
  "token": "v2.local.Sec123..."
}

Reactive License

Tokenless, IP-based verification flow. No request body required.

GET/api/reactive/validate
JSON
// No body. Validation is done from the client IP.
// Server reads X-Forwarded-For header.

Sovereign Cloud

DynaMid token based license validation for sovereign deployments.

POST/api/msc/validate
JSON
{
  "token": "dynaMid.Msc123..."
}

Response Schema

All successful responses share the same envelope:

ApiResponse<T>
{
  "type": "success" | "error",
  "timestamp": "2024-01-15T10:30:00Z",
  "endpoint": "/api/licenses/validate",
  "method": "POST",
  "message": "License validated.",
  "data": {
    "actionSuccessful": true,
    "license": { ... }
  }
}

Error Codes

CodeStatusDescription
200OKOperation successful.
400Bad RequestBad parameter, empty token or IP mismatch.
401UnauthorizedToken invalid, expired or license revoked.
429Too Many RequestsRate limit exceeded. 32 requests per 35s.
500Internal Server ErrorUnexpected server-side error.

Frontend Parse Guide

Some endpoints return the message inside data.message, others at the top-level message field. The pattern below handles both:

JavaScript / TypeScript
// Safely read the message:
const message =
  api?.message ??
  api?.data?.message ??
  api?.data?.reason ??
  "Unknown error";

// Check success status:
const success =
  api?.data?.actionSuccessful === true ||
  api?.data?.isValid === true;
SDK Examples

Language Examples

Select your language below. Each snippet is production-ready with error handling included.

Node.js JS · REST
const axios = require('axios');

async function validateLicense(token) {
  try {
    const res = await axios.post('https://api.licensesentinel.net/api/licenses/validate', {
      token
    }, {
      headers: {
        'Content-Type': 'application/json',
        'X-Api-Key': process.env.ONE_API_KEY
      }
    });

    const { data } = res;
    const success = data?.data?.actionSuccessful === true;
    const message = data?.message ?? data?.data?.message ?? 'Unknown error';

    return { success, message, license: data?.data?.license };
  } catch (err) {
    const msg = err.response?.data?.message ?? err.message;
    throw new Error(`License validation failed: ${msg}`);
  }
}

// Kullanım
validateLicense(process.env.LICENSE_TOKEN).then(result => {
  if (result.success) {
    console.log('✅ Lisans geçerli:', result.license?.type);
  } else {
    console.error('❌', result.message);
    process.exit(1);
  }
});
AI Ready

AI_READY.md

A machine-consumable summary of the entire LicenseSentinel system — paste this directly into any AI assistant (Claude, GPT, etc.) to give it full context about the platform.

↓ Download AI_READY.md

1. What is LicenseSentinel?

Frontend (Next.js 16, Tailwind v4), Backend (Spring Boot 3.4, Java 17, PostgreSQL), API base URL https://api.licensesentinel.net

2. Architecture Overview

Browser → REST (Bearer / API Key) → Spring Boot. JWT & PASETO token validation, WebSocket, gRPC, Discord JDA, Resend email, Skidfuscator obfuscation.

3. License Types

Standard · HWID · SEC · RX (Reactive / IP) · Withpack · Sovereign Cloud (MSC) · Obfuscation. Status values: ACTIVE | EXPIRED | USAGE_LIMIT_REACHED | INACTIVE | MISCONFIGURED

4. REST API Reference

POST /api/licenses/validate · POST /api/sec/validate · POST /api/rx/validate · POST /api/msc/validate — all returning the unified envelope { type, timestamp, endpoint, method, message, data }

5. Response Envelope

Unified JSON shape with type ('success'|'error'), timestamp, endpoint, method, message, and data. Parse with api?.data?.actionSuccessful === true.

6. Frontend Architecture

Next.js App Router, Outfit font, Tailwind CSS v4 oklch palette, better-auth session hooks, MagneticTable (TanStack v8), Shadcn/ui, feature flags via hasFeature().

7. Auth & Roles

better-auth session · useSession() · session.accessToken for Bearer auth · Roles: OWNER / ADMIN / MEMBER · Feature flags per team plan.

8. SDK Examples

Production-ready snippets for JavaScript/TypeScript, Python, Java, C# covering standard license validation with full error handling.

The full document is available at /docs/AI_READY.md in the repository root — or download it above and paste it as a system prompt.

License Sentinel Platform · Documentation v1.0